Adding and Managing Uplink Devices

The main uplink device connected to the appliance (configured during initial network configuration) connects the appliance to the Internet and allows network zones like the local area network and DMZ to access the Internet. As a standby, the administrator can connect more than one uplink device to the appliance. The additional uplink device(s) can be configured and used for fail-over in case the main uplink fails.

The 'Uplinks Manager' screen displays a list of current uplinks and allows the administrator to configure new uplinks.

To add and manage uplink devices

• Click 'Network' > 'Interfaces' from the left hand side navigation

• Click the 'Uplink editor' tab.

Uplink Editor Table - Column Descriptions

Column Description

ID The identity of the uplink device, as assigned automatically by the UTM appliance.

Description A short description of the uplink device as entered by the administrator during creation.

Type The Type of uplink device.

Backup-link The alternative uplink connection that will be activated in the event of failure of this uplink Actions Displays control buttons for enabling/disabling and editing the uplink.

- Allows the administrator to enable or disable the uplink. A tick in the checkbox indicates that the uplink is enabled.

- Edit the uplink

- Removes the uplink

The interface allows the administrator to:

• Create a new uplink

• Edit an existing uplink To add a new uplink

Note: Before configuring a new uplink, ensure that you have connected the uplink device to the UTM appliance.

• Click the 'Create an uplink' link at the top left of the 'Uplink editor' interface. The 'Uplink editor' pane will open.

The 'Uplink Editor' interface is divided into four areas:

• General Settings - Select the type of uplink device and create a name for the device

• Device Settings - Enter configuration parameters for the selected device

• Uplink Settings - Specify power and fail-over options for the uplink

• Advanced Settings - Specify custom MAC address and connection timeout period for the uplink

General Settings

• Description - Enter a short description for the uplink created. This will appear in the Description column in the list of uplinks

• Type - Choose the type of uplink device connected Device Settings

The Device Settings area differs according to the type of uplink device chosen in the 'Type' field. The UTM appliance supports following uplink device types:

• Ethernet DHCP

• Gateway

• PPPoE

• Ethernet Static Ethernet DHCP

• Device - Select the physical port of the appliance to which the Ethernet DHCP modem is connected.

• Use Custom DNS settings - Select whether the DNS servers are to be automatically or manually assigned. If the latter, select the 'Use Custom DNS Settings' checkbox and enter the IP addresses/hostnames of the primary and secondary DNS servers to be used.

Gateway

• Default Gateway - If you have chosen to deploy a node among your internal network zones as a gateway for the UTM appliance to connect to Internet, enter the IP address or hostname of the default gateway in the 'Default Gateway' text box

• Primary DNS and Secondary DNS - Enter the IP addresses/hostnames of the primary and secondary DNS servers to be used.

PPPoE

• Device - Select the physical port of the appliance to which the PPPoE modem is connected

• Add additional addresses - You can specify additional IP addresses to be added to the interface by selecting this checkbox. Enter the addresses in IP/netmask or IP/CIDR notation one-by-one in the text box that appears on selecting the checkbox.

• Username and Password - Enter the login username and password for Internet connection, provided by your ISP.

• Authentication Method - Select the method of authentication used by your ISP for your device to connect to Internet from the drop-down. The options available are: Password Authentication Protocol (PAP); Challenge Handshake Authentication Protocol (CHAP); or both. If you are not sure about the authentication method, choose PAP or CHAP (Default).

• Use Custom DNS settings -Select whether the DNS servers are to be automatically or manually assigned. If the latter, select the 'Use Custom DNS Settings' checkbox and enter the IP addresses/hostnames of the primary and secondary DNS servers to be used.

Ethernet Static

• Device - Select the physical port of the appliance to which the Ethernet Static modem is connected, from the drop-down

• IP Address and Netmask - Enter the static IP address and netmask of your Internet connection

• Add additional addresses - You can specify additional IP addresses to be added to the interface by selecting this checkbox. Enter the addresses in IP/netmask or IP/CIDR notation one-by-one in the text box that appears on selecting the checkbox.

• Default gateway - Enter the IP address of your default gateway

• Primary DNS and Secondary DNS - Enter the IP addresses of the primary and secondary DNS servers Uplink settings

• Uplink is Enabled - The uplink will be activated immediately after clicking the 'Update Uplink' button. Deselect this checkbox if you don't want to enable the uplink. You can enable the uplink at a later time in two ways:

• Select the checkbox in the 'Actions' column of the 'Uplinks Manager' interface. Refer to the description of the Uplinks Manager interface for more details

• Select the 'Active' checkbox beside the uplink in the Uplinks box from the Dashboard. Refer to the portion explaining the Uplinks box in the 'Dashboard' chapter for more details.

• Start uplink on boot - The uplink will start automatically on every restart of the UTM appliance. Deselect this checkbox if you want to manually start the uplink when required.

• Uplink is managed - The uplink will be managed by Korugan and its details will be displayed in the Dashboard.

Deselect this option if you do not want the uplink details to be displayed in the Dashboard. You can switch the uplink to managed state at any time by selecting the 'Managed' checkbox beside the uplink in the Dashboard. Refer to the section explaining the Uplinks box in the 'Dashboard' chapter for more details.

• If this uplink fails activate - Select an alternative uplink connection to be activated in the event this uplink fails.

• Check if these hosts are reachable - The uplink reconnects automatically after a time period set by your ISP, in the event of a connection failure. If you want the appliance to check whether the uplink has connected successfully, you can try to ping known hosts in an external network. Enabling this option will reveal a text field where you should enter a list of one or more perpetually reachable IP addresses or hostnames. One of the hosts could be your ISP's DNS server or gateway.

Advanced Settings

The Advanced Settings pane allows administrators to configure a custom physical address for the uplink device and the reconnection time out period. These settings are only for advanced users, hence the pane is not displayed by default. To open this panel, click the '+' button next to 'Advanced Settings'.

• Use custom MAC address - By default, the appliance automatically detects the MAC address of the device connected to the specified port. If you need to specify a different MAC address (and replace the default MAC address of the external interface), select this checkbox and enter the MAC address in the text box that appears below the checkbox. (Not required, if you have chosen a Gateway as uplink device).

• Reconnection timeout - Specify the maximum time period (in seconds) that the uplink should attempt to reconnect in the event of a connection failure. The reconnection timeout period depends on the ISP configuration. If you are unsure, leave this field blank.

• MTU - Enter the Maximum Transmission Unit (MTU) of the data packets that can be sent over the network. (Optional) Click 'Create Uplink' after configuring the parameters. The uplink will be added to the Uplinks Manager interface. You can enable/disable the uplink at any time from the Uplinks Manager interface.

To edit an uplink

• Click the Edit button in the row of the uplink from the Uplinks Manager interface. The uplink editor pane will open.

• Edit the details as required and click 'Update Uplink'. Refer to the section above for more details The new details will be saved and activated when the service is next restarted.